coffin

secure lan file storage on a device

commit 0c26ca5a864dd457ec0b76639df21f333ffcd6d9
parent c8469c1d7100a08baa625ae50d3ea7b83e46c928
Author: parazyd <parazyd@dyne.org>
Date:   Thu,  6 Oct 2016 10:43:17 +0200

begin refactoring

Diffstat:
A.gitmodules | 3+++
MMakefile | 64++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
Acoffin | 39+++++++++++++++++++++++++++++++++++++++
Aconfig.mk | 17+++++++++++++++++
Adaemon | 28++++++++++++++++++++++++++++
Rsrc/extra/Makefile -> extra/Makefile | 0
Rsrc/extra/apachedav -> extra/apachedav | 0
Rsrc/extra/coffin.init -> extra/coffin.init | 0
Aextra/coffin.key | 52++++++++++++++++++++++++++++++++++++++++++++++++++++
Aextra/coffin.pem | 31+++++++++++++++++++++++++++++++
Rsrc/extra/conf.sh -> extra/conf.sh | 0
Rsrc/extra/davpasswd -> extra/davpasswd | 0
Rsrc/extra/gen.sh -> extra/gen.sh | 0
Mhelpers/makehook | 15+++++++++++----
Asacrist | 100+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dsrc/Makefile | 65-----------------------------------------------------------------
Dsrc/coffin | 39---------------------------------------
Dsrc/sacrist | 106-------------------------------------------------------------------------------
Dsrc/zlibs/features | 126-------------------------------------------------------------------------------
Dsrc/zlibs/hooks | 160-------------------------------------------------------------------------------
Dsrc/zlibs/keyfiles | 75---------------------------------------------------------------------------
Dsrc/zlibs/mounts | 55-------------------------------------------------------
Dsrc/zlibs/ttab | 98-------------------------------------------------------------------------------
Dsrc/zlibs/zuper | 729-------------------------------------------------------------------------------
Dsrc/zlibs/zuper.init | 35-----------------------------------
Rsrc/tomb -> tomb | 0
Rsrc/hexencode.c -> tomb-kdb-hexencode.c | 0
Rsrc/gen_salt.c -> tomb-kdb-pbkdf2-gensalt.c | 0
Rsrc/benchmark.c -> tomb-kdb-pbkdf2-getiter.c | 0
Rsrc/pbkdf2.c -> tomb-kdb-pbkdf2.c | 0
Awallet/bindhook | 1+
Azlibs/features | 126+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Azlibs/hooks | 160+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Azlibs/keyfiles | 75+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Azlibs/mounts | 55+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Azlibs/ttab | 98+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Azuper | 1+
37 files changed, 855 insertions(+), 1498 deletions(-)

diff --git a/.gitmodules b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "zuper"] + path = zuper + url = https://github.com/dyne/zuper.git diff --git a/Makefile b/Makefile @@ -1,11 +1,63 @@ -all: - make -C src +# coffin +# see LICENSE file for copyright and license details -install: - make -C src install +include config.mk + + +BIN = \ + tomb-kdb-pbkdf2 \ + tomb-kdb-pbkdf2-getiter \ + tomb-kdb-pbkdf2-gensalt \ + tomb-kdb-hexencode + +OBJ = ${BIN:=.o} +SRC = ${BIN:=.c} + +all: options tomb + +options: + @echo coffin build options: + @echo "CFLAGS = ${CFLAGS}" + @echo "LDFLAGS = ${LDFLAGS}" + @echo "CC = ${CC}" + +.o: + @${CC} ${LDFLAGS} -o $@ $< ${LDLIBS} + +.c.o: + @echo CC $< + @${CC} ${CFLAGS} -o $@ -c $< + +${OBJ}: config.mk + +tomb: ${BIN} ${OBJ} clean: - make -C src clean + @echo cleaning + @rm -f ${BIN} ${OBJ} + +dist: clean + @echo creating dist tarball + @mkdir -p coffin-${VERSION} + @cp -f coffin config.mk LICENSE Makefile README.md NOTES.md \ + sacrist tomb ${SRC} coffin-${VERSION} + @cp -r zlibs helpers zuper extra coffin-${VERSION} + @rm -f coffin-${VERSION}/zuper/.git + @tar -cf coffin-${VERSION}.tar coffin-${VERSION} + @gzip coffin-${VERSION}.tar + @rm -rf coffin-${VERSION} + +install: all + @echo installing coffin to ${DESTDIR}${PREFIX} + @mkdir -p ${DESTDIR}${PREFIX}/coffin + @mkdir ${DESTDIR}${PREFIX}/coffin/bin + @mkdir ${DESTDIR}${PREFIX}/coffin/share + @cp -f coffin sacrist tomb ${BIN} ${DESTDIR}${PREFIX}/coffin/bin/ + @cp -rf zlibs zuper ${DESTDIR}${PREFIX}/coffin/share/ + uninstall: - make -C src uninstall + @echo removing coffin from ${DESTDIR}${PREFIX} + @rm -rf ${DESTDIR}${PREFIX}/coffin + +.PHONY: all options tomb clean dist install uninstall diff --git a/coffin b/coffin 
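Review bot: The `install` target copies `zlibs` and `zuper` into `share/` as sibling directories, but the `sacrist` script added in this commit sources `$R/../share/zlibs/zuper` and `$R/../share/zlibs/zuper.init`, and the diffstat shows `zlibs/` no longer carries those two files, so an installed sacrist would presumably fail at its first `source`. Either install the submodule's files into `share/zlibs` or point sacrist at `share/zuper/`. The two bare `@mkdir` lines also fail on a second `make install`; `@mkdir -p ${DESTDIR}${PREFIX}/coffin/bin ${DESTDIR}${PREFIX}/coffin/share` makes the target re-runnable. The removed rules set explicit modes with `install -Dm755`, whereas `cp -f` keeps whatever modes the working tree has, which is worth pinning for scripts that appear to run with root privileges.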
@@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+pattern='sd[a-z][1-9]$'
+coproc inotifywait --monitor --event create,delete --format '%e %w%f' /dev
+
+echo $COPROC_PID > /var/run/coffin.pid # pidfile
+
+while read -r -u "${COPROC[0]}" event file; do
+ if [[ $file =~ $pattern ]]; then
+ case $event in
+ CREATE)
+ echo "Created $file..." #; sleep 1
+ $(dirname $0)/sacrist $file $event
+ ;;
+ DELETE)
+ echo "Removed $file..." #; sleep 1
+ $(dirname $0)/sacrist $file $event
+ ;;
+ esac
+ fi
+done
diff --git a/config.mk b/config.mk
@@ -0,0 +1,17 @@
+# coffin
+# see LICENSE file for copyright and license details
+
+VERSION=0.4
+
+# customize below to fit your system
+
+PREFIX = /usr/local
+MANPREFIX = ${PREFIX}/share/man
+
+# flags
+CFLAGS += -g -std=c99 -Os -fPIC -fPIE
+LDLIBS = -lgcrypt
+LDFLAGS += -g -pie
+
+# compiler and linker
+CC = cc
diff --git a/daemon b/daemon
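Review bot: Both `$(dirname $0)/sacrist $file $event` calls expand unquoted, so a start path or device name containing whitespace or glob characters is split before sacrist receives it; write `"$(dirname "$0")/sacrist" "$file" "$event"`. Resolving sacrist relative to `$0` also means the watcher executes whatever file named `sacrist` sits beside the path it was started from, so that directory has to be writable by root only. The `pattern` regex is anchored only at the end, so any watched path that merely ends in `sd[a-z][1-9]` matches; `^/dev/sd[a-z][1-9]$` states the intent.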
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+## this script tries to emulate the behaviour of bsd daemon(3) call
+## runs a job with its std streams closed and detaches from terminal
+
+if test -z $1; then
+ echo usage: $(basename $0) job && exit 1
+fi
+
+(exec "$@" &) > /dev/null 2>&1
diff --git a/src/extra/Makefile b/extra/Makefile
diff --git a/src/extra/apachedav b/extra/apachedav
diff --git a/src/extra/coffin.init b/extra/coffin.init
diff --git a/extra/coffin.key b/extra/coffin.key
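Review bot: The argument check `test -z $1` is unquoted: with no argument it passes only because a lone `-z` counts as a non-empty string, and a first argument containing spaces makes `test` fail with a syntax error; `[ $# -eq 0 ]` says what is meant. The header comment promises a daemon(3)-style detach, but `(exec "$@" &)` starts no new session, so the job stays in the caller's session and can still be hit by a terminal hangup; where `setsid` is available, `(setsid "$@" &) > /dev/null 2>&1` is closer to the stated behaviour. The usage line should go to stderr, `echo "usage: $(basename "$0") job" >&2`.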
@@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCgbODvcDyKndsb +5fEf5313LmK7kurZ+JEjFbprAKgz1v4THBKqVYxyNeH0tTP5SsFi58iXEdYYBo08 +pd4PEP65KfJnj9fSGtbMX8h0D7ldrqH9k6bByOShVs8Qx8lftHEA9Dvc69adGrIk +8ZjDEmXbtbwaJ6/Ff83nlFUveVqXtyVCO8TiyVxyZ8LY0tIcAtBMlfhMBwY5vUl0 +Pe6wLTvxiUMz0sOdqN8Vq7dI/vcqrbqtWpQ4NefNY6DL8BOpv0TeQG4e5+tcCEft +W6rWW6RKiwM74Eg0USU9ciXWWq4xulxPG+9qoW4pq6cFw0Fz1NzgfkofDAVdtY9t +ltgzKNRA6f1wG/xsmt2N5lvxAHNsSNjZ6fSf09W2hiGldnvZ6+7QZcMAVPb1Svo5 +evGSOC2N5rRHNZXakv/tPpB6675oxh/4R43Bv0Q7p5dtX4KD5CJVdsu+act9IL67 +1EFRVQ0G/l3NvKPeeFLApRFRyQKvA7MzifBMJv7FfMjFVt/mTVICzcrtwc5pd0aK +A7mW7kb/afPHwL4vNirlfCcN9V3aaBt95FGKOPNKmZ2Xi6n9KBFHL5JFxk1pTQRj +27VGcdAZ+vC7ZyETUE5bVANNDZSmZBYL2P7lOsHerSqUcIEtkZLQk2/l81kcRCH8 +VsjJcfVW1vm1jgp5MaoUMDp+F5WLkQIDAQABAoICADQlkCxkqFlKnKmB4hJD1iXC +fzeHty1pPgxQiMs1aHeJYAdoLa0Op9uMJkm8CQv0v83dl/d7RcODha98HyV4mcQo +nXIKcNYMAVxnmioX3mJUXLWnpCIDokXLiP1kY9HnPoBX44mZY6anwdZ+bfCi71cu +yNkbo2godg7byaDn6om8b7EK6qHpYFKT5eNDDCcsxvbOHOrhsaVdIR5W71p3KbAG +tUCINyvtc66ApdBliIRn+nFVKy7mXtYFl4QTIuEfmkxAV0tWicvdqTu/e1W4bjwI +2eFBs1bGNbu2ehQmX88sS8svQnC/zqZe9KjL4l+7hpy2kHNtHeVrGhc+XEKs9+kq +JmqhKTZL3t0NTlNaBFY+B1Q6dJa6pvUH+V1GN9N31bIhDn448RPzzboTV/bBOixi +ubzIJoDUSX9zkYAJ22/5XuheUSKOz2VrZjBmOskYAizBtFFsNAtgyRIHtZg4ZAgI +1WmpbbBbjXiy19AHpVc5J2czCTVNtov2gbuBR7yz1ohPrUDv08J9o2qj0Sktdn06 +yPUtdLgiN2IUo6gl8k4abXusWSCP93U9+IxKFTLRnOpOW9XxLYjBqFj8cYU3hgCc +1Qce9jcqDG9l7Fe0VBUyiA2Wvv6fA+f/XY0QYeh00CKw+Y6DRAi4eITCvW6mIjr3 +jvVyYeARA6jreCBKBrPBAoIBAQDLMsXqwMiKVJ61+C0EfE1QAdptM8nB/0fgblbQ +EPg5t1ANLcaDAoNLiYwRxtjmQanXH16rdeQ+8nxDnsnwyxydTOGqziGbqeMUzRRi +FR9rhtsCOiElqlX0XtQtBcAIOiu6VDyX3TdQB/Y6kZy36spb5z2OVPKRllNrb2xI +rmjfYYb8P+nXD5MJKrlo8Q6bCZIMIc89jBNO4ERIJwP/MfcEgzPoJ9flBYL41M9p +XICjdKW+YEO3ikELHzrCVPanhbyGTDdObAy+gTY7m1g6lQwqwJfKGyi55UFtRvLM +LhPH8gNPNCY/ApyEPZrENyerCh0kFJ+RDf6JaoimI2kCwexJAoIBAQDKHL6Bmus6 +kZl+Pm6+MHB6wv+cLh4Mk/IK/NlL1N00skSyORA/cF3lB8swNJa4c7yWANoMXNQ5 
+8ozb7bfo60WpGKufGQvTKT0IXswPf7DLSy7YZNM6hbFobj5VzCJMZmjBrsKJKZqu +RdAGMrcg0bob6Qm4vSZhODZ/mPExDU6FFNuLS97CWQBBviBVzsHnTnWI6UW3oKWn +95/F17lhOeldX//wEGbV23mrBn+XXgXpYNi6wA7zq4tiUOXj26i9ekaKgYv96sCm +pM9owWRYw2DlI5rjRceCykm9VDbe8b1/7qeLJ78eJEqzOSWaqoPAZSAhBTUe0o7i +IDSO5X2g0FUJAoIBAGvyjTIpOGBElAwXy9KWNnxKf7+Dw6tL8uNHutbOLRB8Ugqu +RsdSjm2SpNbMzG2GdLPT9ncgKiFGsL07ngxN2uW18izLVQ9dMUXbrPhuQELfYXnN +Z86arw8jUZSZeWrlfFWAarBC1R+vGyACOz95fAdW0VzLxBGTyr1IdD4oaY5CQXPA +gHm/zF0SVW1qole6vdu0GmSYBanhemTaVUU9Rf0ftnOetxLz2qBWbdmLSsuLLIH2 +ogLfb6546L5UZLSaV40A8GC5BgwumKER5c05YT1VE05LH1eicx+akWHnGJsf9qId +EjRnLr8R+yZCJtC2jsScMCjfRlm6Pt4D8cWFQAECggEBAJNxeMEQBT7K7REd9qgk +qknEa7jCJAXFADRn1RXvChjhXCAwZNwC21yz3NUj6DhTpmY/5NJT/jbv7TacKyhu +SnlbmAgOu4Omd/HdRjygSJdmF5yhoT72PUAT/MGWlAbsRsvU8/IgOcmdAG8lHFeC +6KRn00HEK3WNDqTzLDE+peOMHcV26eEaEIflba1rkiVuJWxl0Qhu16q7iQFJqOF2 +3/nQiOPW805cOFw992KzothoYHOMnNvCb4KfxbX+jxD7XO66Jyhr03M+lFi1jMD8 +d3lyChJ2219ct4K5JvZpoHbt4agwrMoOa7hnnjlA37DBlTjBlckQjlAEcpM0c/uX +QBECggEACj0KFvWRikBsMK57cTYKzKLYIcGDArOawAdiqLT+ZmLp1t+U7n3Efpw+ +kC4mnEJ4Pnb3MTIH6UNEBa5TGnTuvZ1bertDKjW8KvIgb1Y90KNKm/ruNxlCLA7Q +7RgNVTWleQFLNVgQmPw90KjUWkkOzcS4atAJ6enROXaXcrfHz4eTmc4DbRvA+xUS +h4xSjPq7ro+AzQSzCG2519vrEvvIovvLQaaZX5fstUcb4frhbpQd9JzjtqJc0b9S +UqntJ+WMICXT6oALgLChZD2MuArVPJBUvmvz4Rz30J6bHEP6NYJPBTmR9e9mlqQa +/n3lc+LNbXwBbp3pK0SccBuBN5u2gw== +-----END PRIVATE KEY----- diff --git a/extra/coffin.pem b/extra/coffin.pem 
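Review bot: An unencrypted RSA private key does not belong under version control: everyone who can clone the repository holds it, and every installation that deploys the shipped `extra/coffin.key` with `extra/coffin.pem` shares one TLS identity that provides neither confidentiality nor server authentication. The `src/Makefile` removed in this same commit installed both files to `/etc/ssl/coffin`, which suggests they are meant for real use and not as test fixtures. Treat this key as compromised, drop both files from the tree, list them in `.gitignore`, and generate a fresh pair on the target at install time (presumably the job of `extra/gen.sh`, whose content is not visible here). Deleting the file in a later commit does not remove it from history.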
@@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFXTCCA0WgAwIBAgIJAMpciwT0q3QLMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQwHhcNMTYwNTE3MDk1NzIxWhcNMjYwNTE1MDk1NzIxWjBF +MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 +ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAoGzg73A8ip3bG+XxH+d9dy5iu5Lq2fiRIxW6awCoM9b+ExwSqlWMcjXh +9LUz+UrBYufIlxHWGAaNPKXeDxD+uSnyZ4/X0hrWzF/IdA+5Xa6h/ZOmwcjkoVbP +EMfJX7RxAPQ73OvWnRqyJPGYwxJl27W8GievxX/N55RVL3lal7clQjvE4slccmfC +2NLSHALQTJX4TAcGOb1JdD3usC078YlDM9LDnajfFau3SP73Kq26rVqUODXnzWOg +y/ATqb9E3kBuHufrXAhH7Vuq1lukSosDO+BINFElPXIl1lquMbpcTxvvaqFuKaun +BcNBc9Tc4H5KHwwFXbWPbZbYMyjUQOn9cBv8bJrdjeZb8QBzbEjY2en0n9PVtoYh +pXZ72evu0GXDAFT29Ur6OXrxkjgtjea0RzWV2pL/7T6Qeuu+aMYf+EeNwb9EO6eX +bV+Cg+QiVXbLvmnLfSC+u9RBUVUNBv5dzbyj3nhSwKURUckCrwOzM4nwTCb+xXzI +xVbf5k1SAs3K7cHOaXdGigO5lu5G/2nzx8C+LzYq5XwnDfVd2mgbfeRRijjzSpmd +l4up/SgRRy+SRcZNaU0EY9u1RnHQGfrwu2chE1BOW1QDTQ2UpmQWC9j+5TrB3q0q +lHCBLZGS0JNv5fNZHEQh/FbIyXH1Vtb5tY4KeTGqFDA6fheVi5ECAwEAAaNQME4w +HQYDVR0OBBYEFEveK4OH3+IDe77AXaqiqBX1w+GBMB8GA1UdIwQYMBaAFEveK4OH +3+IDe77AXaqiqBX1w+GBMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIB +ACqgmYWgbqaPt4m6VyFVRrmV4GG6eYWWvoVgMeii2N48eCfF9xI6uHbZfqTzH6Jz +G46R+LGjyDK8FOOuCa4cy1pj/Kg+Ddr2mEDvps3aKOyg2+40QotM5mB21699pY6c +/MvTM2Wot0R5aL9Ucvxu/w1DEn+O8ucQE6obx0xd/YtdjTDzF/6gvUpC8Bo9cij0 +Ef5eNsQP2ypDJxqrEAStYRsjVNRBLODOllxW7ot5Opbc1HHEDQFYeMG4Tm3Oj0NG +lIZ8mNc3jPcdUR+ipRDgcwYZ0+emhgMS0X2JBbT+EmFSe3I5/Lg6e4BnYx+Pzqex +gV8eVHnMdZ5AzQQs/JfEzfZhgdS/4NHBy15mbSHrtVbgedL4HBdinuoR4A0vtoyh +FqE3mw57IZ1X56h342BRU95LK48RhJr1BEZSdfqpaavtBywS2ltEyzW17/00LesB +Q+TKAkrMrwgi5XbEKoOXVGIoxgLMI72uB56NIv8nsApo2htAzFzG/uiLnaVAHAg9 +w65d0kMtDSEegnr+UXfJBlvYXPt3schqGiot0+fczIMl08ab71jQBcEkXt9RV6WI +Ka3mzPSBw1VgkiDJiwuQj/pCxr2bu2jrIAhgN9Xh/bhucLHGiVA+CmomDXgaklet +3EWQGV+gpRCeF8pJK6ZyMZmJ8j+OK6qpQCwuO+7myMQb +-----END CERTIFICATE----- 
diff --git a/src/extra/conf.sh b/extra/conf.sh diff --git a/src/extra/davpasswd b/extra/davpasswd diff --git a/src/extra/gen.sh b/extra/gen.sh diff --git a/helpers/makehook b/helpers/makehook @@ -184,9 +184,13 @@ happenz() { successmsg } ;; + 0) + + printf "Quitting...\" + exit + ;; *) - echo -e "\n" - echo "No valid option. Exiting..." + printf "\nNo valid option. Exiting...\n" exit ;; esac @@ -196,7 +200,9 @@ main() { cat <<EOF ######################################################### - ..:: COFFIN ::.. + ┏━╸┏━┓┏━╸┏━╸╻┏┓╻ + ┃ ┃ ┃┣╸ ┣╸ ┃┃┗┫ + ┗━╸┗━┛╹ ╹ ╹╹ ╹ = cryptographic office filer for important nuggets = version 0.4 https://coffin.dyne.org @@ -206,12 +212,13 @@ main() { 3) Backup a tomb from the coffin 4) Toggle your tomb's open/close state 5) Configure and create a Bitcoin wallet +0) Quit ######################################################### EOF -read -n 1 -p "Type in the number of the function you wish to perform: " action +read -p "Type in the number of the function you wish to perform: " action happenz $action } diff --git a/sacrist b/sacrist 
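Review bot: In the new `0)` branch, `printf "Quitting...\"` ends in an escaped quote, so the string is never closed and swallows the following `exit` and `;;` up to the next double quote, which breaks parsing of the `case`; it should read `printf "Quitting...\n"`. In the last hunk, `read -p` without `-r` lets backslashes in the answer be interpreted, and `happenz $action` passes the typed text unquoted; use `read -r -p "..." action` and `happenz "$action"`. Both `happenz` and `main` begin and end outside the hunks shown.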
@@ -0,0 +1,100 @@ +#!/usr/bin/env zsh +# +# Copyright (c) 2016 Dyne.org Foundation +# coffin is written and maintained by Ivan J. <parazyd@dyne.org> +# +# This file is part of coffin +# +# This source code is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this source code. If not, see <http://www.gnu.org/licenses/>. + +coffin_version=0.4 + +DEBUG=${DEBUG:-0} +QUIET=${QUIET:-0} +LOG=${LOG:-""} + +swapoff -a ## I feel so safe + +R="$(dirname $0)" +source $R/../share/zlibs/zuper + +# USB key +vars+=(device keyuuid) + +vars+=(GRAVEYARD TOMBS TMPTOMBS TOMBPASSWD) +vars+=(KEYMOUNT COFFINDOT TTAB HOOKS) +vars+=(keypass undertaker tombid) +vars+=(happenz device keyuuid) + +source $R/../share/zlibs/features +source $R/../share/zlibs/hooks +source $R/../share/zlibs/keyfiles +source $R/../share/zlibs/mounts +source $R/../share/zlibs/ttab + +source $R/../share/zlibs/zuper.init + +LOCK=$R/.lock +[[ -f $LOCK ]] && { warn "Lock found. Wait until finished." 
&& exit } +touch $LOCK + +# Check for a configuration file +# [[ -f ".coffinrc" ]] && parse-config + +device=$1 && xxx "Device: $device" +happenz=$2 && xxx "Happenz: $happenz" +keyuuid=$(lsblk -no uuid $device) && xxx "Key UUID: $keyuuid" + +GRAVEYARD="/home/graveyard" # Our graveyard, with all the tombs +TOMBS="$GRAVEYARD/tombs" # Info about opened tombs, holds keyuuid, keyhash and tombid +TMPTOMBS="$GRAVEYARD/tmptombs" # Temp tempfile, for updating $tombs +TOMBPASSWD="$GRAVEYARD/passwd" +KEYMOUNT="/media/tombkey" # Directory where keys get mounted +COFFINDOT="$KEYMOUNT/coffin" # .coffin directory on the usb key +TTAB="$COFFINDOT/ttab" # Our ttab +HOOKS="$COFFINDOT/hook" +TOMB="$R/tomb" + +# Main +req=(happenz device) +ckreq || { + die "Not called through mourner. Exiting..." + clean + exit +} + +act "Coffin v${coffin_version}, Cryptographic office filer for important nuggets " + +[[ $happenz == "CREATE" ]] && { + mount-key $device || { die "Key not mounted successfully." && exit 1 } + + if [[ -d "$COFFINDOT" ]]; then + act "Found .coffin" + [[ -f "$HOOKS" ]] && xxx "Found hooks" && \ + check-hooks + [[ -f "$TTAB" ]] && xxx "Found ttab" && \ + ttab-magic + else + warn "No .coffin directory" + fi + + umount-key $device + rm -f $LOCK && exit 0 || exit 1 + # cleanup & exit +} + +[[ $happenz == "DELETE" ]] && { + # TODO: Some kind of endgame + rm -f $LOCK && exit 0 || exit 1 +} diff --git a/src/Makefile b/src/Makefile 
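Review bot: The lock file is not released on the failure paths: when `mount-key` fails the block runs `exit 1` with `$LOCK` still present, and the `ckreq` failure branch exits the same way (unless `clean`, defined outside this diff, removes it), so one bad key insertion leaves every later event stuck at "Lock found". Register the cleanup once, directly after `touch $LOCK`, with `trap 'rm -f $LOCK' EXIT`, and drop the per-branch `rm -f $LOCK`. The `[[ -f $LOCK ]]` test followed by `touch` is also not atomic, so two events arriving together can both pass it; using `mkdir $LOCK` as the test-and-set closes that gap. `device` is taken straight from `$1` and handed to `lsblk` and `mount-key`, so checking it against `/dev/sd[a-z][1-9]` before use would keep the script safe when it is run by hand.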
@@ -1,65 +0,0 @@ -PREFIX = /usr/local/coffin/bin -CFLAGS = -O2 - -all: - $(CC) $(CFLAGS) -o tomb-kdb-pbkdf2 pbkdf2.c -lgcrypt - $(CC) $(CFLAGS) -o tomb-kdb-pbkdf2-getiter benchmark.c -lgcrypt - $(CC) $(CFLAGS) -o tomb-kdb-pbkdf2-gensalt gen_salt.c -lgcrypt - $(CC) $(CFLAGS) -o tomb-kdb-hexencode hexencode.c - make -C extra - -clean: - rm -f tomb-kdb-pbkdf2 - rm -f tomb-kdb-pbkdf2-getiter - rm -f tomb-kdb-pbkdf2-gensalt - rm -f tomb-kdb-hexencode - make -C extra clean - -install: - install -Dm755 coffin ${PREFIX}/coffin - install -Dm755 sacrist ${PREFIX}/sacrist - install -Dm755 zlibs/features ${PREFIX}/zlibs/features - install -Dm755 zlibs/hooks ${PREFIX}/zlibs/hooks - install -Dm755 zlibs/keyfiles ${PREFIX}/zlibs/keyfiles - install -Dm755 zlibs/mounts ${PREFIX}/zlibs/mounts - install -Dm755 zlibs/ttab ${PREFIX}/zlibs/ttab - install -Dm755 zlibs/zuper ${PREFIX}/zlibs/zuper - install -Dm644 zlibs/zuper.init ${PREFIX}/zlibs/zuper.init - install -Dm755 tomb ${PREFIX}/tomb - install -Dm755 tomb-kdb-pbkdf2 ${PREFIX}/tomb-kdb-pbkdf2 - install -Dm755 tomb-kdb-pbkdf2-getiter ${PREFIX}/tomb-kdb-pbkdf2-getiter - install -Dm755 tomb-kdb-pbkdf2-gensalt ${PREFIX}/tomb-kdb-pbkdf2-gensalt - install -Dm755 tomb-kdb-hexencode ${PREFIX}/tomb-kdb-hexencode - install -Dm770 -g coffin -d /home/graveyard - install -Dm755 extra/coffin.init /etc/init.d/coffin - install -Dm775 -g www-data -d /etc/apache2/DAV - install -Dm600 extra/davpasswd /etc/apache2/DAV/davpasswd - install -Dm640 extra/apachedav /etc/apache2/sites-available/coffindav.conf - install -Dm700 -d /etc/ssl/coffin - install -Dm400 extra/coffin.pem /etc/ssl/coffin/coffin.pem - install -Dm400 extra/coffin.key /etc/ssl/coffin/coffin.key - make -C extra install - @echo "To enable WebDAV, run: 'a2ensite coffindav.conf' as root." 
- -uninstall: - make -C extra uninstall - rm -f ${PREFIX}/coffin - rm -f ${PREFIX}/sacrist - rm -f ${PREFIX}/zlibs/features - rm -f ${PREFIX}/zlibs/hooks - rm -f ${PREFIX}/zlibs/keyfiles - rm -f ${PREFIX}/zlibs/mounts - rm -f ${PREFIX}/zlibs/ttab - rm -f ${PREFIX}/zlibs/zuper - rm -f ${PREFIX}/zlibs/zuper.init - rm -f ${PREFIX}/tomb - rm -f ${PREFIX}/tomb-kdb-pbkdf2 - rm -f ${PREFIX}/tomb-kdb-pbkdf2-getiter - rm -f ${PREFIX}/tomb-kdb-pbkdf2-gensalt - rm -f ${PREFIX}/tomb-kdb-hexencode - rm -f /etc/init.d/coffin - rm -rf /etc/apache2/DAV - rm -f /etc/apache2/sites-available/coffindav.conf - rm -f /etc/apache2/sites-enabled/coffindav.conf - rm -rf /etc/ssl/coffin - @echo "To disable WebDAV, run: 'a2dissite coffindav.conf' as root." diff --git a/src/coffin b/src/coffin 
@@ -1,39 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -pattern='sd[a-z][1-9]$' -coproc inotifywait --monitor --event create,delete --format '%e %w%f' /dev - -echo $COPROC_PID > /var/run/coffin.pid # pidfile - -while read -r -u "${COPROC[0]}" event file; do - if [[ $file =~ $pattern ]]; then - case $event in - CREATE) - echo "Created $file..." #; sleep 1 - /usr/local/share/coffin/bin/sacrist $file $event - ;; - DELETE) - echo "Removed $file..." #; sleep 1 - /usr/local/share/coffin/bin/sacrist $file $event - ;; - esac - fi -done diff --git a/src/sacrist b/src/sacrist 
@@ -1,106 +0,0 @@ -#!/usr/bin/env zsh -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -coffin_version=0.4 -coffin_release_date="May/2016" - -DEBUG=${DEBUG:-0} -QUIET=${QUIET:-0} -LOG=${LOG:-""} - -swapoff -a # I feel so safe - -zkv=1 -helpers=1 - -R=/usr/local/share/coffin/bin -source $R/zlibs/zuper - -# USB key -vars+=(device keyuuid) -# Locals -vars+=(GRAVEYARD TOMBS TMPTOMBS TOMBPASSWD) -vars+=(KEYMOUNT COFFINDOT TTAB HOOKS) -vars+=(keypass undertaker tombid) -vars+=(happenz device keyuuid) - -source $R/zlibs/zuper.init -source $R/zlibs/features -source $R/zlibs/hooks -source $R/zlibs/keyfiles -source $R/zlibs/mounts -source $R/zlibs/ttab -#source $R/zlibs/config - -LOCK=$R/.lock -[[ -f $LOCK ]] && { warn "Lock found. Wait until finished." 
&& exit } -touch $LOCK - -# Check for a configuration file -# [[ -f ".coffinrc" ]] && parse-config - -device=$1 && xxx "Device: $device" -happenz=$2 && xxx "Happenz: $happenz" -keyuuid=$(lsblk -no uuid $device) && xxx "Key UUID: $keyuuid" - -GRAVEYARD="/home/graveyard" # Our graveyard, with all the tombs -TOMBS="$GRAVEYARD/tombs" # Info about opened tombs, holds keyuuid, keyhash and tombid -TMPTOMBS="$GRAVEYARD/tmptombs" # Temp tempfile, for updating $tombs -TOMBPASSWD="$GRAVEYARD/passwd" -KEYMOUNT="/media/tombkey" # Directory where keys get mounted -COFFINDOT="$KEYMOUNT/coffin" # .coffin directory on the usb key -TTAB="$COFFINDOT/ttab" # Our ttab -HOOKS="$COFFINDOT/hook" -TOMB="$R/tomb" - -# Main -req=(happenz device) -ckreq || { - die "Not called through mourner. Exiting..." - clean - exit -} - -act "Coffin, Cryptographic office filer for important nuggets " -act "Version: $coffin_version, $coffin_release_date" - -[[ $happenz == "CREATE" ]] && { - mount-key $device - [[ $? = 0 ]] || { die "Key not mounted successfully." && exit } - - if [[ -d "$COFFINDOT" ]]; then - act "Found .coffin" - [[ -f "$HOOKS" ]] && xxx "Found hooks" && \ - check-hooks - [[ -f "$TTAB" ]] && xxx "Found ttab" && \ - ttab-magic - else - warn "No .coffin directory" - fi - - umount-key $device - rm $LOCK - # cleanup & exit -} - -[[ $happenz == "DELETE" ]] && { - # TODO: Some kind of endgame - rm $LOCK -} diff --git a/src/zlibs/features b/src/zlibs/features 
@@ -1,126 +0,0 @@ -#!/usr/bin/env zsh -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -create-webdav-hook() { - fn create-webdav-hook - - davconf="/etc/apache2/sites-available/coffindav.conf" - davpass="/etc/apache2/DAV/davpasswd" - - if [[ $entry =~ webdav && -f $COFFINDOT/davpasswd ]]; then - act "Found WebDAV data. Setting up..." - - cat $COFFINDOT/davpasswd >> $davpass - [[ $? = 0 ]] || { - die "Failed setting up WebDAV." - return 1 - } - rm $COFFINDOT/davpasswd - gpasswd -a www-data $undertaker # NOTE: consider standalone group - act "Added new WebDAV user" - - sed -i -e :a -e '$d;N;2,3ba' -e 'P;D' $davconf -# cat $COFFINDOT/webdav.conf >> $davconf - cat << EOF >> $davconf - - alias /${tombid} /media/${tombid} - <Directory "/media/${tombid}"> - Dav On - AllowOverride none - Options Indexes - AuthType Digest - AuthName WebDAV - AuthUserFile /etc/apache2/DAV/davpasswd - Require user ${undertaker} - </Directory> - - </VirtualHost> -</IfModule> -EOF - act "Wrote to $davconf" - /etc/init.d/apache2 reload - [[ $? 
= 0 ]] || warn "Apache is funky" -# rm $COFFINDOT/webdav.conf - act "Done setting up WebDAV" - else - act "No WebDAV data found" - return 0 - fi -} - -delete-webdav-hook() { - fn delete-webdav-hook $* - req=(tombid) - tombid="$1" - ckreq || return 1 - - davconf="/etc/apache2/sites-available/coffindav.conf" - - sed -i '/alias\ \/${tombid}/,+10 d' $davconf - /etc/init.d/apache2 reload - [[ $? = 0 ]] || warn "Apache is funky" - act "Deleted WebDAV data" -} - -create-sshfs-hook() { - fn create-sshfs-hook - - if [[ $entry =~ sshfs && -f $COFFINDOT/$tombid.pub ]]; then - act "Found SSH data. Setting up..." - - [[ -d /home/$undertaker/.ssh ]] || mkdir -p /home/$undertaker/.ssh - cat $COFFINDOT/$tombid.pub >> /home/$undertaker/.ssh/authorized_keys - chown -R $undertaker:$undertaker /home/$undertaker/.ssh - chmod 700 /home/$undertaker/.ssh && chmod 600 /home/$undertaker/.ssh/authorized_keys - - [[ $? = 0 ]] && act "Wrote to authorized_keys" \ - && act "Done setting up SSH" - - # NOTE: maybe remove SSH key from usb, consider deletion - else - act "No SSH data found" - fi -} - -delete-sshfs-hook() { - fn delete-sshfs-hook $* - req=(undertaker tombid) - undertaker="$1" - tombid="$2" - ckreq || return 1 - - authkeys="/home/$undertaker/.ssh/authorized_keys" - - grep -v $tombid $authkeys > $authkeys.tmp - mv $authkeys.tmp $authkeys - - act "Deleted SSH data" -} - -create-wallet-hook() { - fn create-wallet-hook - - if [[ $entry =~ ":wallet" ]]; then - act "Found Bitcoin wallet data. Setting up..." - - [[ -d /home/$undertaker/.bitcoin/wallet ]] || mkdir -p /home/$undertaker/.bitcoin/wallet - # TODO: see NOTES.md about the tmp idea - fi -} diff --git a/src/zlibs/hooks b/src/zlibs/hooks 
@@ -1,160 +0,0 @@ -#!/usr/bin/env zsh -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -check-hooks() { - # TODO: fragmented keys, delete, backup, moar - fn check-hooks - - line=0 - for entry in $(cat $HOOKS); do - let hook=$line+1 - act "Found hook $line..." - - # Check what's hook supposed to do - if [[ ${entry[(ws@:@)1]} == "create" ]]; then - create-new-tomb - elif [[ ${entry[(ws@:@)1]} == "delete" ]]; then - delete-tomb - elif [[ ${entry[(ws@:@)1]} == "backup" ]]; then - backup-tomb - else - die "No valid hook syntax on hook $hook" - print $entry >> $HOOKS.fail - act "Wrote failed hook to $HOOKS.fail" - return 1 - fi - done - rm $HOOKS -} - -create-new-tomb() { - fn create-new-tomb - - # TODO: recognize custom post/bind hooks and implement them in the - # new tomb - - act "Creating new tomb" - - undertaker=${entry[(ws@:@)2]} && xxx "Undertaker: $undertaker" - tombid=${entry[(ws@:@)3]} && xxx "Tombid: $tombid" - tombsize=${entry[(ws@:@)4]} && xxx "Tomb size: $tombsize" - keypass=$(pwgen 30 -1 1) && xxx "Key password: $keypass" - - $(id $undertaker &>/dev/null) - [[ $? = 0 ]] || { - warn "User $undertaker not found. Creating..." 
- useradd -G coffin -m -s /bin/sh $undertaker - act "Created user $undertaker" - } - - act "Digging your tomb..." - - sudo -u $undertaker $TOMB dig -s $tombsize $GRAVEYARD/$tombid.tomb || \ - (die "Digging went downhill. Cleaning and exiting" && \ - clean-failed-hook) - - sudo -u $undertaker $TOMB forge -k $GRAVEYARD/$tombid.key \ - --kdf 10 \ - --unsafe \ - --tomb-pwd "$keypass" || \ - (die "Forging key went downhill. Cleaning and exiting" && \ - clean-failed-hook) - - sudo -u $undertaker $TOMB lock $GRAVEYARD/$tombid.tomb \ - -k $GRAVEYARD/$tombid.key \ - --unsafe \ - --tomb-pwd "$keypass" || \ - (die "Locking tomb went downhill. Cleaning and exiting" && \ - clean-failed-hook) - - xxx "Moving your keyfile to your USB key..." - mv $GRAVEYARD/$tombid.key $COFFINDOT/ && \ - chown $undertaker:$undertaker $COFFINDOT/$tombid.key && \ - xxx "Moved and chowned keyfile" - - print "${undertaker}:${tombid}:true" >> $TTAB - - hash-key - print "${keyhash}:${keypass}" >> $TOMBPASSWD - chmod 600 $TOMBPASSWD - act "Wrote to ttab and tombpasswd" - - # Check for features - create-webdav-hook - create-sshfs-hook - create-wallet-hook -} - -delete-tomb() { - fn delete-tomb - - act "Deleting tomb" - - undertaker=${entry[(ws@:@)2]} && xxx "Undertaker: $undertaker" - tombid=${entry[(ws@:@)3]} && xxx "Tombid: $tombid" - - [[ $(id $undertaker) ]] || { - die "User $undertaker not found. Exiting..." \ - && return 1 - } - - [[ -f $GRAVEYARD/$tombid.tomb ]] || { - die "Tomb $tombid.tomb not found. Exiting..." \ - && return 1 - } - - [[ -f $COFFINDOT/$tombid.key ]] || { - die "Key of $tombid not found. Exiting..." \ - && return 1 - } - - compare-key - [[ $? 
= 0 ]] && { - sudo -u $undertaker $TOMB slam $tombid - update-tombs del - - grep -v ${undertaker}:${tombid} $TTAB > $TTAB.tmp - mv $TTAB.tmp $TTAB && \ - act "Removed from ttab" - - grep -v ${keyhash} $TOMBPASSWD > $TOMBPASSWD.tmp - mv $TOMBPASSWD.tmp $TOMBPASSWD && \ - chmod 600 $TOMBPASSWD && \ - act "Removed from tombpasswd" - - # Check for features - delete-webdav-hook $tombid - delete-sshfs-hook $undertaker $tombid - } -} - -check-temptomb() { - fn check-temptomb - - act "Checking for tomb temps" - if [[ -d ${GRAVEYARD}/temp/${tombid} ]]; then - mv ${GRAVEYARD}/temp/${tombid}/* /media/${tombid}/ - mv ${GRAVEYARD}/temp/${tombid}/.* /media/${tombid}/ - - act "Moved all tomb temps" - - rmdir ${GRAVEYARD}/temp/${tombid} - fi -} diff --git a/src/zlibs/keyfiles b/src/zlibs/keyfiles 
@@ -1,75 +0,0 @@ -#!/usr/bin/env zsh -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -hash-key() { - fn hash-key - vars+=(keyhash) - keyhash="" - - keyhash=${$(sha256sum $COFFINDOT/$tombid.key)[(ws: :)1]} - xxx "sha256 of keyfile: $keyhash" -} - -compare-key() { - fn compare-key - - hash-key - - if [[ ( $(grep $keyhash $TOMBS | grep $keyuuid) ) ]]; then - return 0 - else - return 1 - fi -} - -# ,_-=(!7(7/zs_. -# .=' ' .`/,/!(=)Zm. -# .._,,._.. ,-`- `,\ ` -` -`\\7//WW. -# ,v=~/.-,-\- -!|V-s.)iT-|s|\-.' `///mK%. -# v!`i!-.e]-g`bT/i(/[=.Z/m)K(YNYi.. /-]i44M. -# v`/,`|v]-DvLcfZ/eV/iDLN\D/ZK@%8W[Z.. `/d!Z8m -# //,c\(2(X/NYNY8]ZZ/bZd\()/\7WY%WKKW) -'|(][%4. -# ,\\i\c(e)WX@WKKZKDKWMZ8(b5/ZK8]Z7%ffVM, -.Y!bNMi -# /-iit5N)KWG%%8%%%%W8%ZWM(8YZvD)XN(@. [ \]!/GXW[ -# / ))G8\NMN%W%%%%%%%%%%8KK@WZKYK*ZG5KMi,- vi[NZGM[ -# i\!(44Y8K%8%%%**~YZYZ@%%%%%4KWZ/PKN)ZDZ7 c=//WZK%! This is a euphemism for how my code is structured. -# ,\v\YtMZW8W%%f`,`.t/bNZZK%%W%%ZXb*K(K5DZ -c\\/KM48 -# -|c5PbM4DDW%f v./c\[tMY8W%PMW%D@KW)Gbf -/(=ZZKM8[ If you're reading this, you have probably been put -# 2(N8YXWK85@K -'c|K4/KKK%@ V%@@WD8e~ .//ct)8ZK%8` in charge of maintaining this program. 
-# =)b%]Nd)@KM[ !'\cG!iWYK%%| !M@KZf -c\))ZDKW%` -# YYKWZGNM4/Pb '-VscP4]b@W% 'Mf` -L\///KM(%W! I am so, so sorry for you. -# !KKW4ZK/W7)Z. '/cttbY)DKW% -` .',\v)K(5KW%%f -# 'W)KWKZZg)Z2/,!/L(-DYYb54% ,,`, -\-/v(((KK5WW%f God speed. -# \M4NDDKZZ(e!/\7vNTtZd)8\Mi!\-,-/i-v((tKNGN%W%% -# 'M8M88(Zd))///((|D\tDY\\KK-`/-i(=)KtNNN@W%%%@%[ -# !8%@KW5KKN4///s(\Pd!ROBY8/=2(/4ZdzKD%K%%%M8@%% -# '%%%W%dGNtPK(c\/2\[Z(ttNYZ2NZW8W8K%%%%YKM%M%%. -# *%%W%GW5@/%!e]_tZdY()v)ZXMZW%W%%%*5Y]K%ZK%8[ -# '*%%%%8%8WK\)[/ZmZ/Zi]!/M%%%%@f\ \Y/NNMK%%! -# 'VM%%%%W%WN5Z/Gt5/b)((cV@f` - |cZbMKW%%| -# 'V*M%%%WZ/ZG\t5((+)L'-,,/ -)X(NWW%%% -# `~`MZ/DZGNZG5(((\, ,t\\Z)KW%@ -# 'M8K%8GN8\5(5///]i!v\K)85W%%f -# YWWKKKKWZ8G54X/GGMeK@WM8%@ -# !M8%8%48WG@KWYbW%WWW%%%@ -# VM%WKWK%8K%%8WWWW%%%@` -# ~*%%%%%%W%%%%%%%@~ -# ~*MM%%%%%%@f` -# ''''' diff --git a/src/zlibs/mounts b/src/zlibs/mounts 
@@ -1,55 +0,0 @@ -#!/usr/bin/env zsh -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -mount-key() { - fn mount-key $* - req=(device) - device="$1" - ckreq || return 1 - - if [[ -d $KEYMOUNT ]]; then - die "$KEYMOUNT already exists." - return 1 - else - act "Creating $KEYMOUNT" - mkdir -p $KEYMOUNT - act "Mounting..." - mount $device $KEYMOUNT - return 0 - fi -} - -umount-key() { - fn umount-key $? - req=(device) - device="$1" - ckreq || return 1 - - if [[ -d $KEYMOUNT ]]; then - act "Unmounting $device" - umount $device \ - && rmdir $KEYMOUNT - act "Success umounting" - return 0 - else - act "No $KEYMOUNT found" - return 0 - fi -} diff --git a/src/zlibs/ttab b/src/zlibs/ttab 
@@ -1,98 +0,0 @@ -#!/usr/bin/env zsh -# -# Copyright (c) 2016 Dyne.org Foundation -# coffin is written and maintained by parazyd <parazyd@dyne.org> -# -# This file is part of coffin -# -# This source code is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this source code. If not, see <http://www.gnu.org/licenses/>. - -update-tombs() { - fn update-tombs $* - req=(happ) - happ="$1" - ckreq || return 1 - - if [[ $happ == "add" ]]; then - print "${undertaker}:${keyhash}:${keyuuid}" >> $TOMBS && \ - chmod 600 $TOMBS && \ - act "Added info to $TOMBS" - elif [[ $happ == "del" ]]; then - cp $TOMBS $TMPTOMBS - grep -v "${keyhash}:${keyuuid}" $TMPTOMBS > $TOMBS && \ - chmod 600 $TOMBS && \ - act "Removed from $TOMBS" - rm $TMPTOMBS - fi -} - -ttab-magic() { - fn ttab-magic - - act "Doing ttab magic..." - - line=0 - for entry in $(cat $TTAB); do - let line=$line+1 - act "Found line $line..." - - [[ ${entry[(ws@:@)3]} == "true" ]] && { - act "Working on tomb from line $line" - - undertaker=${entry[(ws@:@)1]} && xxx "Undertaker: $undertaker" - tombid=${entry[(ws@:@)2]} && xxx "Tombid: $tombid" - - compare-key - [[ $? 
= 0 ]] && { - act "compare-key -> true" - close-tomb - - update-tombs del - continue - } - - act "compare-key -> false" - - hash-key - keypass=$(grep $keyhash $TOMBPASSWD) - keypass=${keypass[(ws@:@)2]} - xxx "Key password: $keypass" - - open-tomb - - [[ -d "/media/$tombid" ]] && { - chmod g+rw /media/$tombid - update-tombs add - } - - check-temptomb - } - done -} - -open-tomb() { - sudo -u ${undertaker} ${TOMB} open \ - ${GRAVEYARD}/${tombid}.tomb \ - -k ${COFFINDOT}/${tombid}.key \ - --unsafe \ - --tomb-pwd "${keypass}" - - [[ $? = 0 ]] || { die "Tomb didn't open" && return 1 } -} - -close-tomb() { - sudo -u ${undertaker} ${TOMB} slam ${tombid} - - [[ $? = 0 ]] || { die "Tomb didn't slam" && return 1 } -} diff --git a/src/zlibs/zuper b/src/zlibs/zuper 
@@ -1,729 +0,0 @@ -#!/usr/bin/env zsh -## -*- origami-fold-style: triple-braces -*- -# -# Zuper - Zsh Ultimate Programmer's Extensions Refurbished -# -# Copyright (C) 2015 Dyne.org Foundation -# -# Zuper is designed, written and maintained by Denis Roio <jaromil@dyne.org> -# -# This source code is free software; you can redistribute it and/or -# modify it under the terms of the GNU Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This source code is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -# Please refer to the GNU Public License for more details. -# -# You should have received a copy of the GNU Public License along with -# this source code; if not, write to: -# Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - -########################## -typeset -aU vars -typeset -aU arrs -typeset -aU maps - -vars=(DEBUG QUIET LOG) -arrs=(req freq) - -vars+=(zuper_version) -zuper_version=0.2 - -# {{{ Messaging - -# Messaging function with pretty coloring -autoload colors -colors - -vars+=(last_act last_func last_notice) - -function _msg() { - local msg="$2" - command -v gettext 1>/dev/null 2>/dev/null && msg="$(gettext -s "$2")" - for i in $(seq 3 ${#}); - do - msg=${(S)msg//::$(($i - 2))*::/$*[$i]} - done - - local command="print -P" - local progname="$fg[magenta]${PROGRAM##*/}$reset_color" - local message="$fg_bold[normal]$fg_no_bold[normal]$msg$reset_color" - local -i returncode - - case "$1" in - inline) - command+=" -n"; pchars=" > "; pcolor="yellow" - ;; - message) - last_act="$msg" - pchars=" . 
"; pcolor="white"; message="$fg_no_bold[$pcolor]$msg$reset_color" - ;; - verbose) - last_func="$msg" - pchars="[D]"; pcolor="blue" - ;; - success) - last_notice="$msg" - pchars="(*)"; pcolor="green"; message="$fg_no_bold[$pcolor]$msg$reset_color" - ;; - warning) - pchars="[W]"; pcolor="yellow"; message="$fg_no_bold[$pcolor]$msg$reset_color" - ;; - failure) - pchars="[E]"; pcolor="red"; message="$fg_no_bold[$pcolor]$msg$reset_color" - returncode=1 - ;; - print) - progname="" - ;; - *) - pchars="[F]"; pcolor="red" - message="Developer oops! Usage: _msg MESSAGE_TYPE \"MESSAGE_CONTENT\"" - returncode=127 - zerr - ;; - esac - ${=command} "${progname} $fg_bold[$pcolor]$pchars$reset_color ${message}$color[reset_color]" >&2 - - # write the log if its configured - [[ "$LOG" = "" ]] || { - touch $LOG || return $? - ${=command} "${progname} $fg_bold[$pcolor]$pchars$reset_color ${message}$color[reset_color]" >> $LOG - } - - return $returncode -} - -function _message say act() { - local notice="message" - [[ "$1" = "-n" ]] && shift && notice="inline" - [[ $QUIET = 1 ]] || _msg "$notice" $@ - return 0 -} - -function _verbose xxx func() { - [[ $DEBUG = 1 ]] && _msg verbose $@ - return 0 -} - -function _success yes notice() { - [[ $QUIET = 1 ]] || _msg success $@ - return 0 -} - -function _warning no warn warning() { - [[ $QUIET = 1 ]] || _msg warning $@ - return 0 -} - -function _failure fatal die error() { - # typeset -i exitcode=${exitv:-1} - [[ $QUIET = 1 ]] || _msg failure $@ - return 1 -} - -function _print() { - [[ $QUIET = 1 ]] || _msg print $@ - return 0 -} - -# }}} Messaging - -# {{{ Debugging - -fn() { - fun="$@" - req=() - freq=() - func "$fun" -} - -zerr() { - error "error in: ${fun:-$last_notice}" - [[ "$last_func" = "" ]] || warn "called in: $last_func" - [[ "$last_act" = "" ]] || warn "called in: $last_act" - [[ "$last_notice" = "" ]] || warn "called in: $last_notice" - # [[ "$fun" = "" ]] || warn "called in: $fun" - TRAPEXIT() { - error "error reported, operation 
aborted." - } - return 1 -} - - -ckreq reqck() { - err=0 - for v in $req; do - [[ "${(P)v}" = "" ]] && { - warn "${fun[(ws: :)1]}(): required setting is blank: $v" - err=1 - } - done - - [[ $err = 1 ]] && return $err - - for f in $freq; do - # exists and has size greater than zero - [[ -s $f ]] || { - warn "required file empty: $f" - err=1 - } - done - [[ $err == 1 ]] && zerr - return $err -} - -zdump() { - fn zdump - [[ ${#vars} -gt 0 ]] && { - print "Global variables:" - for _v in $vars; do - print " $_v = \t ${(P)_v}" - done - } - [[ ${#arrs} -gt 0 ]] && { - print "Global arrays:" - for _a in $arrs; do - print " $_a \t ( ${(P)_a} )" - done - } - [[ ${#maps} -gt 0 ]] && { - print "Global maps:" - for _m in $maps; do - print " $_m [key] \t ( ${(Pk)_m} )" - print " $_m [val] \t ( ${(Pv)_m} )" - done - } -} - -# handy wrappers for throw/catch execution of blocks where we need the -# program to exit on any error (non-zero) returned by any function -throw() { function TRAPZERR() { zerr; return 1 } } -catch() { function TRAPZERR() { } } - -########################## -# Endgame handling - -arrs+=(destruens) -destruens=() - -# Trap functions for the endgame event -TRAPINT() { endgame INT; return $? } -# TRAPEXIT() { endgame EXIT; return $? } -TRAPHUP() { endgame HUP; return $? } -TRAPQUIT() { endgame QUIT; return $? } -TRAPABRT() { endgame ABORT; return $? } -TRAPKILL() { endgame KILL; return $? } -# TRAPPIPE() { endgame PIPE; return $? } -TRAPTERM() { endgame TERM; return $? } -TRAPSTOP() { endgame STOP; return $? } -# TRAPZERR() { func "function returns non-zero." } - - -endgame() { - fn "endgame $*" - - # execute all no matter what - TRAPZERR() { } - - # process registered destructors - for d in $destruens; do - fn "destructor: $d" - $d - done - return 0 -} - -# Register endgame() to be called at exit. -# unlike TRAPEXIT, the zshexit() hook is not called when functions exit. -zshexit() { endgame EXIT; return $? 
} - -# }}} Debugging - -# {{{ Tempfiles - -########################## -# Temp file handling - -vars+=(ztmpfile) -# ztmp() fills in $ztmpfile global. Caller must copy that variable as -# it will be overwritten at every call. -ztmp() { - fn ztmp - - ztmpfile=`mktemp` - tmpfiles+=($ztmpfile) -} - -# All tempfiles are freed in endgame() -_ztmp_destructor() { - fn _ztmp_destructor - - for f in $tmpfiles; do - rm -f "$f" - done - tmpfiles=() -} - -arrs+=(tmpfiles) -destruens+=(_ztmp_destructor) - -# }}} Tempfiles - -# {{{ Strings - -# tokenizer, works only with one char length delimiters -# saves everything in global array tok=() -arrs+=(tok) -strtok() { - fn "strtok $*" - _string="$1" - _delim="$2" - req=(_string _delim) - ckreq || return $? - - tok=() - f=0 - c=0 - for c in {1..${#_string}}; do - if [[ "${_string[(e)$c]}" == "$_delim" ]]; then - # check if not empty - t=${_string[(e)$(($f + 1)),$(($c - 1))]} - [[ "$t" == "" ]] || tok+=($t) - # save last found - f=$c - fi - done - # add last token - t=${_string[(e)$(($f + 1)),$c]} - [[ "$t" == "" ]] || tok+=($t) -} - -# TODO: move in here some helpers - -# }}} Strings - -# {{{ Key/Value filesave - -# optional: define zkv=1 on source - -[[ "$zkv" = "" ]] || { - - ########################## - # Key/Value file storage using ZSh associative maps - - zmodload zsh/system - - # load a map from a file - # map must be already instantiated with typeset -A by called - # name of map is defined inside the file - function zkv.load() { - fn "zkv-load $*" - - file=$1 - [[ "$file" = "" ]] && { - error "zkv-open() missing argument: file-path" - zerr - return 1 } - [[ -r "$file" ]] || { - error "zkv-open() file not found $file" - zerr - return 1 } - [[ -s "$file" ]] || { - error "zkv-open() file is empty" - zerr - return 1 } - - source $file - } - - # save a map in a file - # $1 = name of the map associative array - # $2 = full path to the file - function zkv.save() { - fn "zkv.save $*" - - _map=$1 - _path=$2 - [[ "$_path" = "" ]] && { - 
error "zkv.save() missing argument: map-name path-to-file" - zerr - return 1 - } - [[ -r $_path ]] && { - func "zkv.close() overwriting $_path" - func "backup turd left behind: ${_path}~" - mv $_path $_path~ - } - touch $_path - - # wondering about http://www.zsh.org/mla/users/2015/msg00286.html - # meanwhile solved using a double array, wasting a full map memcpy - _karr=(${(Pk)_map}) - _varr=(${(Pv)_map}) - _num="${#_karr}" - for c in {1..$_num}; do - # can also be cat here, however for speed we use builtins - # switch to cat if compatibility is an issue - sysread -o 1 <<EOF >> $_path -$_map+=("${_karr[$c]}" "${(v)_varr[$c]}") -EOF - done - func "$_num key/values stored in $_path" - } - -} - -# }}} Key/Value filesave - -# {{{ Get/Set REST API - -# optional: define restful=1 on source - -[[ "$restful" = "" ]] || { - - ######## - # Restful API client - # there is a clear zsh optimization here in get/set kv - # using zsh/tcp instead of spawning curl - # and perhaps querying with one call using ?recursive - - zmodload zsh/net/tcp - - - function restful.put() { - fn "restful.put $*" - - # $1 = hostname - # $2 = port - # $3 = path - # value from stdin | - - # to check if the http service is running is up to the caller - - _host=${1} # ip address - _port=${2} - _path=${3} - sysread _v - - req=(_host) - ckreq || return $? 
- - if ztcp $_host $_port; then - - # TODO: work out various parsers, this one works with consul.io - - _fd=$REPLY - # func "tcp open on fd $fd" - cat <<EOF >& $_fd -PUT ${_path} HTTP/1.1 -User-Agent: Zuper/$zuper_version -Host: ${_host}:${_port} -Accept: */* -Content-Length: ${#_v} -Content-Type: application/x-www-form-urlencoded - -EOF - - print -n "$_v" >& $_fd - - sysread -i $_fd _res - - # close connection - ztcp -c $_fd - - [[ "$_res" =~ "true" ]] || { - warn "failed PUT on restful key/value" - warn "host: ${_host}" - warn "port: ${_port}" - warn "path: ${_path}" - warn "value: $_v" - print - "$_res" - zerr - return 1 - } - - else - error "cannot connect to restful service: $_host:$_port" - zerr - return 1 - fi - - return 0 - - } - - function restful.get() { - fn "restful.get $*" - - _host=${1} - _port=${2} - _path=${3} - - req=(_host _port) - ckreq || return $? - - ztcp $_host $_port || { - zerr - return 1 - } - - _fd=$REPLY - - # TODO: work out various parsers, this one works with consul.io - - cat <<EOF >& $_fd -GET ${_path} HTTP/1.1 -User-Agent: Zuper/$zuper_version -Host: $_host:$_port -Accept: */* - -EOF - sysread -i $_fd -o 1 | awk -F: ' -/"Value":/ { gsub(/"|}]/,"",$7) ; print $7 }' | base64 -d - - # close connection - ztcp -c $_fd - - return 0 - - } - -} - -# }}} Get/Set REST API - -# {{{ Helpers -[[ "$helpers" = "" ]] || { - - function helper.isfound isfound() { - command -v $1 1>/dev/null 2>/dev/null - return $? 
- } - - # remote leading and trailing spaces in a string taken from stdin - function helper.trim trim() { - sed -e 's/^[[:space:]]*//g ; s/[[:space:]]*\$//g' - } - - zmodload zsh/mapfile - # faster substitute for cat - function helper.printfile printfile() { - print ${mapfile[$1]} - } - - # extract all emails found in a text from stdin - # outputs them one per line - function helper.extract-emails extract_emails() { - awk '{ for (i=1;i<=NF;i++) - if ( $i ~ /[[:alnum:]]@[[:alnum:]]/ ) { - gsub(/<|>|,/ , "" , $i); print $i } }' - } - - - zmodload zsh/regex - # takes a string as argument, returns success if is an email - function helper.isemail isemail() { - [[ "$1" -regex-match "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" ]] && return 0 - - return 1 - } - - # takes a numeric argument and prints out a human readable size - function helper.human-size human_size() { - [[ $1 -gt 0 ]] || { - error "human_size() called with invalid argument" - return 1 - } - - # we use the binary operation for speed - # shift right 10 is divide by 1024 - - # gigabytes - [[ $1 -gt 1073741824 ]] && { - print -n "$(( $1 >> 30 )) GB" - return 0 - } - - # megabytes - [[ $1 -gt 1048576 ]] && { - print -n "$(( $1 >> 20 )) MB" - return 0 - } - # kilobytes - [[ $1 -gt 1024 ]] && { - print -n "$(( $1 >> 10 )) KB" - return 0 - } - # bytes - print -n "$1 Bytes" - return 0 - } - - - # strips out all html/xml tags (everything between < >) - function helper.html-strip xml_strip html_strip() { sed 's/<[^>]\+>//g' } - - # changes stdin string special chars to be shown in html - function helper.escape-html escape_html() { - sed -e ' -s/\&/\&amp;/g -s/>/\&gt;/g -s/</\&lt;/g -s/"/\&quot;/g -' - } - - # escapes special chars in urls - function helper.decode-url decode_url urldecode() { - sed -e ' -s/%25/%/gi -s/%20/ /gi -s/%09/ /gi -s/%21/!/gi -s/%22/"/gi -s/%23/#/gi -s/%24/\$/gi -s/%26/\&/gi -s/%27/'\''/gi -s/%28/(/gi -s/%29/)/gi -s/%2a/\*/gi -s/%2b/+/gi -s/%2c/,/gi -s/%2d/-/gi -s/%2e/\./gi 
-s/%2f/\//gi -s/%3a/:/gi -s/%3b/;/gi -s/%3d/=/gi -s/%3e//gi -s/%3f/?/gi -s/%40/@/gi -s/%5b/\[/gi -s/%5c/\\/gi -s/%5d/\]/gi -s/%5e/\^/gi -s/%5f/_/gi -s/%60/`/gi -s/%7b/{/gi -s/%7c/|/gi -s/%7d/}/gi -s/%7e/~/gi -s/%09/ /gi -' - } - - function helper.encode-url encode_url urlencode() { - sed -e ' -s/%/%25/g -s/ /%20/g -s/ /%09/g -s/!/%21/g -s/"/%22/g -s/#/%23/g -s/\$/%24/g -s/\&/%26/g -s/'\''/%27/g -s/(/%28/g -s/)/%29/g -s/\*/%2a/g -s/+/%2b/g -s/,/%2c/g -s/-/%2d/g -s/\./%2e/g -s/\//%2f/g -s/:/%3a/g -s/;/%3b/g -s//%3e/g -s/?/%3f/g -s/@/%40/g -s/\[/%5b/g -s/\\/%5c/g -s/\]/%5d/g -s/\^/%5e/g -s/_/%5f/g -s/`/%60/g -s/{/%7b/g -s/|/%7c/g -s/}/%7d/g -s/~/%7e/g -s/ /%09/g -' - } - -} -# }}} Helpers - -# {{{ Config - -# This is not a full config parser, but its a mechanism to read single -# sections of configuration files that are separated using various -# syntax methods. The only method supported is now org-mode whose -# sections start with #+ . It fills in the global array -# $config_section which can be read out to a file or interpreted in -# memory, whatever syntax it may contain. - -vars+=(config_section_type) -arrs+=(config_section) -config_section_type=org-mode - -config.section.type() { - fn config.section.type - _type=$1 - req=(_type) - ckreq || return $? - - case $_type in - org-mode) - config_section_type=org-mode - ;; - *) - error "Unknown config type:$_type" - return 1 - ;; - esac - - act "$_type config section parser initialized" - return 0 - -} - -# fills in contents of section in array config_section -config.section.read() { - fn config.section.read - _file=$1 - _section=$2 - req=(_file _section) - freq=($_file) - ckreq || return $? 
- - case $config_section_type in - org-mode) - _contents=`awk ' -BEGIN { found=0 } -/^#\+ '"$_section"'/ { found=1; next } -/^#\+/ { if(found==1) exit 0 } -/^$/ { next } -{ if(found==1) print $0 } -' $_file` - - ;; - *) - error "Unknown config type:$_type" - ;; - esac - - config_section=() - for c in ${(f)_contents}; do - config_section+=("$c") - done - return 0 - -} - -# }}} Config diff --git a/src/zlibs/zuper.init b/src/zlibs/zuper.init @@ -1,35 +0,0 @@ -########################## -# Zuper Init - -# initialize globals only after sourcing everything -# since zlibs may contain more variable declarations -for _v in $vars; do - typeset -h $_v -done -for _a in $arrs; do - typeset -aU $_a -done -for _m in $maps; do - typeset -A $_m -done - -# reset defaults -DEBUG=${DEBUG:-0} -QUIET=${QUIET:-0} -LOG=${LOG:-""} -req=() -freq=() -last_act=() -last_func=() -last_notice=() -tmpfiles=() -config_section=() -config_section_type=${config_section_type:-org-mode} - - -func "Zuper $zuper_version initialized" -func "${#vars} global variables registered" -func "${#arrs} global arrays registered" -func "${#maps} global maps registered" - - diff --git a/src/tomb b/tomb diff --git a/src/hexencode.c b/tomb-kdb-hexencode.c diff --git a/src/gen_salt.c b/tomb-kdb-pbkdf2-gensalt.c diff --git a/src/benchmark.c b/tomb-kdb-pbkdf2-getiter.c diff --git a/src/pbkdf2.c b/tomb-kdb-pbkdf2.c diff --git a/wallet/bindhook b/wallet/bindhook @@ -0,0 +1 @@ +wallets .bitcoin/wallets diff --git a/zlibs/features b/zlibs/features 
@@ -0,0 +1,126 @@
+#!/usr/bin/env zsh
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+create-webdav-hook() {
+ fn create-webdav-hook
+
+ davconf="/etc/apache2/sites-available/coffindav.conf"
+ davpass="/etc/apache2/DAV/davpasswd"
+
+ if [[ $entry =~ webdav && -f $COFFINDOT/davpasswd ]]; then
+ act "Found WebDAV data. Setting up..."
+
+ cat $COFFINDOT/davpasswd >> $davpass
+ [[ $? = 0 ]] || {
+ die "Failed setting up WebDAV."
+ return 1
+ }
+ rm $COFFINDOT/davpasswd
+ gpasswd -a www-data $undertaker # NOTE: consider standalone group
+ act "Added new WebDAV user"
+
+ sed -i -e :a -e '$d;N;2,3ba' -e 'P;D' $davconf
+# cat $COFFINDOT/webdav.conf >> $davconf
+ cat << EOF >> $davconf
+
+ alias /${tombid} /media/${tombid}
+ <Directory "/media/${tombid}">
+ Dav On
+ AllowOverride none
+ Options Indexes
+ AuthType Digest
+ AuthName WebDAV
+ AuthUserFile /etc/apache2/DAV/davpasswd
+ Require user ${undertaker}
+ </Directory>
+
+ </VirtualHost>
+</IfModule>
+EOF
+ act "Wrote to $davconf"
+ /etc/init.d/apache2 reload
+ [[ $? = 0 ]] || warn "Apache is funky"
+# rm $COFFINDOT/webdav.conf
+ act "Done setting up WebDAV"
+ else
+ act "No WebDAV data found"
+ return 0
+ fi
+}
+
+delete-webdav-hook() {
+ fn delete-webdav-hook $*
+ req=(tombid)
+ tombid="$1"
+ ckreq || return 1
+
+ davconf="/etc/apache2/sites-available/coffindav.conf"
+
+ sed -i '/alias\ \/${tombid}/,+10 d' $davconf
+ /etc/init.d/apache2 reload
+ [[ $? = 0 ]] || warn "Apache is funky"
+ act "Deleted WebDAV data"
+}
+
+create-sshfs-hook() {
+ fn create-sshfs-hook
+
+ if [[ $entry =~ sshfs && -f $COFFINDOT/$tombid.pub ]]; then
+ act "Found SSH data. Setting up..."
+
+ [[ -d /home/$undertaker/.ssh ]] || mkdir -p /home/$undertaker/.ssh
+ cat $COFFINDOT/$tombid.pub >> /home/$undertaker/.ssh/authorized_keys
+ chown -R $undertaker:$undertaker /home/$undertaker/.ssh
+ chmod 700 /home/$undertaker/.ssh && chmod 600 /home/$undertaker/.ssh/authorized_keys
+
+ [[ $? = 0 ]] && act "Wrote to authorized_keys" \
+ && act "Done setting up SSH"
+
+ # NOTE: maybe remove SSH key from usb, consider deletion
+ else
+ act "No SSH data found"
+ fi
+}
+
+delete-sshfs-hook() {
+ fn delete-sshfs-hook $*
+ req=(undertaker tombid)
+ undertaker="$1"
+ tombid="$2"
+ ckreq || return 1
+
+ authkeys="/home/$undertaker/.ssh/authorized_keys"
+
+ grep -v $tombid $authkeys > $authkeys.tmp
+ mv $authkeys.tmp $authkeys
+
+ act "Deleted SSH data"
+}
+
+create-wallet-hook() {
+ fn create-wallet-hook
+
+ if [[ $entry =~ ":wallet" ]]; then
+ act "Found Bitcoin wallet data. Setting up..."
+
+ [[ -d /home/$undertaker/.bitcoin/wallet ]] || mkdir -p /home/$undertaker/.bitcoin/wallet
+ # TODO: see NOTES.md about the tmp idea
+ fi
+}
diff --git a/zlibs/hooks b/zlibs/hooks
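Review bot: In `delete-webdav-hook` the sed address is single-quoted, so `${tombid}` is never expanded and the `alias /<tombid>` stanza that `create-webdav-hook` appended to `$davconf` is not matched; the WebDAV share definition appears to stay in the Apache config after the tomb is deleted. Double-quote the expression and anchor on the space that follows the alias path, e.g. `sed -i "/alias \/${tombid} /,+10 d" $davconf`. `tombid` and `undertaker` are taken from the hook entry and end up in the Apache config, in this sed program and in the `grep -v $tombid` filter over `authorized_keys` without any check. Validate them once against a strict pattern before use, for instance `[[ $tombid =~ '^[A-Za-z0-9_-]+$' ]] || return 1`, and use `grep -vF -- "$tombid"` so the filter matches the id literally.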
@@ -0,0 +1,160 @@
+#!/usr/bin/env zsh
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+check-hooks() {
+ # TODO: fragmented keys, delete, backup, moar
+ fn check-hooks
+
+ line=0
+ for entry in $(cat $HOOKS); do
+ let hook=$line+1
+ act "Found hook $line..."
+
+ # Check what's hook supposed to do
+ if [[ ${entry[(ws@:@)1]} == "create" ]]; then
+ create-new-tomb
+ elif [[ ${entry[(ws@:@)1]} == "delete" ]]; then
+ delete-tomb
+ elif [[ ${entry[(ws@:@)1]} == "backup" ]]; then
+ backup-tomb
+ else
+ die "No valid hook syntax on hook $hook"
+ print $entry >> $HOOKS.fail
+ act "Wrote failed hook to $HOOKS.fail"
+ return 1
+ fi
+ done
+ rm $HOOKS
+}
+
+create-new-tomb() {
+ fn create-new-tomb
+
+ # TODO: recognize custom post/bind hooks and implement them in the
+ # new tomb
+
+ act "Creating new tomb"
+
+ undertaker=${entry[(ws@:@)2]} && xxx "Undertaker: $undertaker"
+ tombid=${entry[(ws@:@)3]} && xxx "Tombid: $tombid"
+ tombsize=${entry[(ws@:@)4]} && xxx "Tomb size: $tombsize"
+ keypass=$(pwgen 30 -1 1) && xxx "Key password: $keypass"
+
+ $(id $undertaker &>/dev/null)
+ [[ $? = 0 ]] || {
+ warn "User $undertaker not found. Creating..."
+ useradd -G coffin -m -s /bin/sh $undertaker
+ act "Created user $undertaker"
+ }
+
+ act "Digging your tomb..."
+
+ sudo -u $undertaker $TOMB dig -s $tombsize $GRAVEYARD/$tombid.tomb || \
+ (die "Digging went downhill. Cleaning and exiting" && \
+ clean-failed-hook)
+
+ sudo -u $undertaker $TOMB forge -k $GRAVEYARD/$tombid.key \
+ --kdf 10 \
+ --unsafe \
+ --tomb-pwd "$keypass" || \
+ (die "Forging key went downhill. Cleaning and exiting" && \
+ clean-failed-hook)
+
+ sudo -u $undertaker $TOMB lock $GRAVEYARD/$tombid.tomb \
+ -k $GRAVEYARD/$tombid.key \
+ --unsafe \
+ --tomb-pwd "$keypass" || \
+ (die "Locking tomb went downhill. Cleaning and exiting" && \
+ clean-failed-hook)
+
+ xxx "Moving your keyfile to your USB key..."
+ mv $GRAVEYARD/$tombid.key $COFFINDOT/ && \
+ chown $undertaker:$undertaker $COFFINDOT/$tombid.key && \
+ xxx "Moved and chowned keyfile"
+
+ print "${undertaker}:${tombid}:true" >> $TTAB
+
+ hash-key
+ print "${keyhash}:${keypass}" >> $TOMBPASSWD
+ chmod 600 $TOMBPASSWD
+ act "Wrote to ttab and tombpasswd"
+
+ # Check for features
+ create-webdav-hook
+ create-sshfs-hook
+ create-wallet-hook
+}
+
+delete-tomb() {
+ fn delete-tomb
+
+ act "Deleting tomb"
+
+ undertaker=${entry[(ws@:@)2]} && xxx "Undertaker: $undertaker"
+ tombid=${entry[(ws@:@)3]} && xxx "Tombid: $tombid"
+
+ [[ $(id $undertaker) ]] || {
+ die "User $undertaker not found. Exiting..." \
+ && return 1
+ }
+
+ [[ -f $GRAVEYARD/$tombid.tomb ]] || {
+ die "Tomb $tombid.tomb not found. Exiting..." \
+ && return 1
+ }
+
+ [[ -f $COFFINDOT/$tombid.key ]] || {
+ die "Key of $tombid not found. Exiting..." \
+ && return 1
+ }
+
+ compare-key
+ [[ $? = 0 ]] && {
+ sudo -u $undertaker $TOMB slam $tombid
+ update-tombs del
+
+ grep -v ${undertaker}:${tombid} $TTAB > $TTAB.tmp
+ mv $TTAB.tmp $TTAB && \
+ act "Removed from ttab"
+
+ grep -v ${keyhash} $TOMBPASSWD > $TOMBPASSWD.tmp
+ mv $TOMBPASSWD.tmp $TOMBPASSWD && \
+ chmod 600 $TOMBPASSWD && \
+ act "Removed from tombpasswd"
+
+ # Check for features
+ delete-webdav-hook $tombid
+ delete-sshfs-hook $undertaker $tombid
+ }
+}
+
+check-temptomb() {
+ fn check-temptomb
+
+ act "Checking for tomb temps"
+ if [[ -d ${GRAVEYARD}/temp/${tombid} ]]; then
+ mv ${GRAVEYARD}/temp/${tombid}/* /media/${tombid}/
+ mv ${GRAVEYARD}/temp/${tombid}/.* /media/${tombid}/
+
+ act "Moved all tomb temps"
+
+ rmdir ${GRAVEYARD}/temp/${tombid}
+ fi
+}
diff --git a/zlibs/keyfiles b/zlibs/keyfiles
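Review bot: The failure paths in `create-new-tomb` and `delete-tomb` are written as `die "…" && clean-failed-hook` and `die "…" && return 1`, but in the zuper copy this commit removes from src/zlibs `die` always returns 1. If the replacement zuper behaves the same, the right-hand side never runs, so both functions carry on after a failed `dig`/`forge`/`lock` or a missing user, tomb or key. Inside the braces use `;` instead of `&&`, e.g. `die "User $undertaker not found. Exiting..."; return 1`, and replace the `( … )` subshells with `{ die "…"; clean-failed-hook; return 1 }` so the function actually stops. Separately, `xxx "Key password: $keypass"` sends the generated tomb password to debug output, and in that zuper copy also to `$LOG` when one is set; log `xxx "Key password generated"` instead.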
@@ -0,0 +1,75 @@
+#!/usr/bin/env zsh
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+hash-key() {
+ fn hash-key
+ vars+=(keyhash)
+ keyhash=""
+
+ keyhash=${$(sha256sum $COFFINDOT/$tombid.key)[(ws: :)1]}
+ xxx "sha256 of keyfile: $keyhash"
+}
+
+compare-key() {
+ fn compare-key
+
+ hash-key
+
+ if [[ ( $(grep $keyhash $TOMBS | grep $keyuuid) ) ]]; then
+ return 0
+ else
+ return 1
+ fi
+}
+
+# ,_-=(!7(7/zs_.
+# .=' ' .`/,/!(=)Zm.
+# .._,,._.. ,-`- `,\ ` -` -`\\7//WW.
+# ,v=~/.-,-\- -!|V-s.)iT-|s|\-.' `///mK%.
+# v!`i!-.e]-g`bT/i(/[=.Z/m)K(YNYi.. /-]i44M.
+# v`/,`|v]-DvLcfZ/eV/iDLN\D/ZK@%8W[Z.. `/d!Z8m
+# //,c\(2(X/NYNY8]ZZ/bZd\()/\7WY%WKKW) -'|(][%4.
+# ,\\i\c(e)WX@WKKZKDKWMZ8(b5/ZK8]Z7%ffVM, -.Y!bNMi
+# /-iit5N)KWG%%8%%%%W8%ZWM(8YZvD)XN(@. [ \]!/GXW[
+# / ))G8\NMN%W%%%%%%%%%%8KK@WZKYK*ZG5KMi,- vi[NZGM[
+# i\!(44Y8K%8%%%**~YZYZ@%%%%%4KWZ/PKN)ZDZ7 c=//WZK%! This is a euphemism for how my code is structured.
+# ,\v\YtMZW8W%%f`,`.t/bNZZK%%W%%ZXb*K(K5DZ -c\\/KM48
+# -|c5PbM4DDW%f v./c\[tMY8W%PMW%D@KW)Gbf -/(=ZZKM8[ If you're reading this, you have probably been put
+# 2(N8YXWK85@K -'c|K4/KKK%@ V%@@WD8e~ .//ct)8ZK%8` in charge of maintaining this program.
+# =)b%]Nd)@KM[ !'\cG!iWYK%%| !M@KZf -c\))ZDKW%`
+# YYKWZGNM4/Pb '-VscP4]b@W% 'Mf` -L\///KM(%W! I am so, so sorry for you.
+# !KKW4ZK/W7)Z. '/cttbY)DKW% -` .',\v)K(5KW%%f
+# 'W)KWKZZg)Z2/,!/L(-DYYb54% ,,`, -\-/v(((KK5WW%f God speed.
+# \M4NDDKZZ(e!/\7vNTtZd)8\Mi!\-,-/i-v((tKNGN%W%%
+# 'M8M88(Zd))///((|D\tDY\\KK-`/-i(=)KtNNN@W%%%@%[
+# !8%@KW5KKN4///s(\Pd!ROBY8/=2(/4ZdzKD%K%%%M8@%%
+# '%%%W%dGNtPK(c\/2\[Z(ttNYZ2NZW8W8K%%%%YKM%M%%.
+# *%%W%GW5@/%!e]_tZdY()v)ZXMZW%W%%%*5Y]K%ZK%8[
+# '*%%%%8%8WK\)[/ZmZ/Zi]!/M%%%%@f\ \Y/NNMK%%!
+# 'VM%%%%W%WN5Z/Gt5/b)((cV@f` - |cZbMKW%%|
+# 'V*M%%%WZ/ZG\t5((+)L'-,,/ -)X(NWW%%%
+# `~`MZ/DZGNZG5(((\, ,t\\Z)KW%@
+# 'M8K%8GN8\5(5///]i!v\K)85W%%f
+# YWWKKKKWZ8G54X/GGMeK@WM8%@
+# !M8%8%48WG@KWYbW%WWW%%%@
+# VM%WKWK%8K%%8WWWW%%%@`
+# ~*%%%%%%W%%%%%%%@~
+# ~*MM%%%%%%@f`
+# '''''
diff --git a/zlibs/mounts b/zlibs/mounts
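Review bot: `compare-key` gates tomb closing and deletion, but its test `grep $keyhash $TOMBS | grep $keyuuid` treats both values as unquoted regular expressions that may match anywhere on a line rather than as one exact record. If `sha256sum` in `hash-key` produces nothing (key file missing or unreadable), `keyhash` is empty and zsh drops the empty word, so grep would presumably take `$TOMBS` as its pattern and read standard input; `keyuuid` is not assigned anywhere in this file, so the same applies if it is unset. I would stop on an empty hash with `hash-key && [[ -n $keyhash ]] || return 1` and match the stored field pair literally: `if grep -qF -- "${keyhash}:${keyuuid}" "$TOMBS"; then`. That is the `keyhash:keyuuid` form that `update-tombs` in zlibs/ttab writes and removes.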
@@ -0,0 +1,55 @@
+#!/usr/bin/env zsh
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+mount-key() {
+ fn mount-key $*
+ req=(device)
+ device="$1"
+ ckreq || return 1
+
+ if [[ -d $KEYMOUNT ]]; then
+ die "$KEYMOUNT already exists."
+ return 1
+ else
+ act "Creating $KEYMOUNT"
+ mkdir -p $KEYMOUNT
+ act "Mounting..."
+ mount $device $KEYMOUNT
+ return 0
+ fi
+}
+
+umount-key() {
+ fn umount-key $?
+ req=(device)
+ device="$1"
+ ckreq || return 1
+
+ if [[ -d $KEYMOUNT ]]; then
+ act "Unmounting $device"
+ umount $device \
+ && rmdir $KEYMOUNT
+ act "Success umounting"
+ return 0
+ else
+ act "No $KEYMOUNT found"
+ return 0
+ fi
+}
diff --git a/zlibs/ttab b/zlibs/ttab
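Review bot: `mount-key` mounts the key device with `mount $device $KEYMOUNT`, with no mount options, and then returns 0 whether or not the mount succeeded. Since the device is removable media, I would restrict the mount and propagate failure: `mount -o nosuid,nodev,noexec "$device" "$KEYMOUNT" || { rmdir "$KEYMOUNT"; return 1 }`. Without that cleanup a failed mount leaves `$KEYMOUNT` behind and the next call stops at "already exists". In `umount-key`, `fn umount-key $?` looks like a typo for `$*` (compare `fn mount-key $*`), and "Success umounting" is printed with a 0 return even when `umount` fails.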
@@ -0,0 +1,98 @@
+#!/usr/bin/env zsh
+#
+# Copyright (c) 2016 Dyne.org Foundation
+# coffin is written and maintained by Ivan J. <parazyd@dyne.org>
+#
+# This file is part of coffin
+#
+# This source code is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This software is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this source code. If not, see <http://www.gnu.org/licenses/>.
+
+update-tombs() {
+ fn update-tombs $*
+ req=(happ)
+ happ="$1"
+ ckreq || return 1
+
+ if [[ $happ == "add" ]]; then
+ print "${undertaker}:${keyhash}:${keyuuid}" >> $TOMBS && \
+ chmod 600 $TOMBS && \
+ act "Added info to $TOMBS"
+ elif [[ $happ == "del" ]]; then
+ cp $TOMBS $TMPTOMBS
+ grep -v "${keyhash}:${keyuuid}" $TMPTOMBS > $TOMBS && \
+ chmod 600 $TOMBS && \
+ act "Removed from $TOMBS"
+ rm $TMPTOMBS
+ fi
+}
+
+ttab-magic() {
+ fn ttab-magic
+
+ act "Doing ttab magic..."
+
+ line=0
+ for entry in $(cat $TTAB); do
+ let line=$line+1
+ act "Found line $line..."
+
+ [[ ${entry[(ws@:@)3]} == "true" ]] && {
+ act "Working on tomb from line $line"
+
+ undertaker=${entry[(ws@:@)1]} && xxx "Undertaker: $undertaker"
+ tombid=${entry[(ws@:@)2]} && xxx "Tombid: $tombid"
+
+ compare-key
+ [[ $? = 0 ]] && {
+ act "compare-key -> true"
+ close-tomb
+
+ update-tombs del
+ continue
+ }
+
+ act "compare-key -> false"
+
+ hash-key
+ keypass=$(grep $keyhash $TOMBPASSWD)
+ keypass=${keypass[(ws@:@)2]}
+ xxx "Key password: $keypass"
+
+ open-tomb
+
+ [[ -d "/media/$tombid" ]] && {
+ chmod g+rw /media/$tombid
+ update-tombs add
+ }
+
+ check-temptomb
+ }
+ done
+}
+
+open-tomb() {
+ sudo -u ${undertaker} ${TOMB} open \
+ ${GRAVEYARD}/${tombid}.tomb \
+ -k ${COFFINDOT}/${tombid}.key \
+ --unsafe \
+ --tomb-pwd "${keypass}"
+
+ [[ $? = 0 ]] || { die "Tomb didn't open" && return 1 }
+}
+
+close-tomb() {
+ sudo -u ${undertaker} ${TOMB} slam ${tombid}
+
+ [[ $? = 0 ]] || { die "Tomb didn't slam" && return 1 }
+}
diff --git a/zuper b/zuper
@@ -0,0 +1 @@
+Subproject commit 4fed4af700b791d7df770edf802aaf67c2a07e67
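Review bot: `ttab-magic` passes the tomb password to the `xxx` message helper in `xxx "Key password: $keypass"`, which presumably puts the secret into debug output; that line should be dropped or reduced to `xxx "Key password found"`. The lookup before it, `keypass=$(grep $keyhash $TOMBPASSWD)`, is unquoted and not anchored to the record, so an empty `keyhash` or a second matching line gives the wrong field. `grep -m1 -F -- "${keyhash}:" "$TOMBPASSWD"` is tighter, and the entry should be skipped when nothing matches. `open-tomb` then passes the secret as `--tomb-pwd "${keypass}"` on the command line, where other local users can typically read it from the process list while tomb runs, which deserves at least a comment next to `--unsafe`. `ttab-magic` also ignores the return value of `open-tomb` and relies only on the `/media/$tombid` test.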